To make the application even more safe, release 3.3.3 also added a new security feature. This feature creates a distinction between the e-mail address used for communication in the recruitment process and the e-mail address used to reset your password. This distinction will make the application even more safe.
What has been changed?
In some cases multiple users use a corporate e-mail address in the application. If such a user requested a new password via the login screen, which will be send by e-mail, every user with the same e-mail address also received the new password. In the context of security this isn’t a desirable situation, that the users with the same e-mail address can login with your account and change settings.
To prevent this, every user can now enter their own password reset e-mail address, where a newly requested password will be send to. This allows you to use a corporate e-mail address for communicating from the application, but makes sure a newly requested password will be send to your personal e-mail account. This only works if everyone has their own user account. If multiple persons work with the same user account, we strongly advise you create a personal user account for every user.
How can I change this?
Log in to the application and click on Settings (top right), then click on Reset password e-mail. Users can change their own e-mail address and reset their password. Administrators can change this for every users.
What happens if I don’t change it?
If the e-mail address won’t be changed, it will no longer be possible for users with a joint e-mail address to reset their password. A new password can only be send if another e-mail address has been entered in the field ‘Send password’.
Do you have any questions about this change? Please sent us an firstname.lastname@example.org